{"vulnerability": "cve-2022-2471", "sightings": [{"uuid": "be615ade-b1d0-4453-aa02-438f56d7dc75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "e3aa9b65-61f3-4453-a59e-e78c24fb5b80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "9da82c79-c9f4-49dc-a307-8c0e0d14bfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:44.000000Z"}, {"uuid": "3768abce-4bf5-4c29-9927-ea0b706caadd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24713", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2434", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aProof of Concept/Test for CVE-2022-24713 on Ubuntu\nURL\uff1ahttps://github.com/ItzSwirlz/CVE-2022-24713-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-05T22:21:13.000000Z"}, {"uuid": "f2754ee5-42eb-4a99-876a-ee5ee46c9a31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/icinga_static_library_file_directory_traversal.rb", "content": "", "creation_timestamp": "2023-05-03T17:04:07.000000Z"}, {"uuid": "c5956005-c77f-4ac4-b823-488eef698cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24717", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13115", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24717\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: ssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.5, a cross site scripting (XSS) issue can occur when providing untrusted input to the `redirect.link` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.5.\n\ud83d\udccf Published: 2022-03-01T18:40:11.000Z\n\ud83d\udccf Modified: 2025-04-23T18:59:43.610Z\n\ud83d\udd17 References:\n1. https://github.com/Finastra/ssr-pages/security/advisories/GHSA-7f63-h6g3-7cwm\n2. https://github.com/Finastra/ssr-pages/pull/2\n3. https://github.com/Finastra/ssr-pages/pull/2/commits/133606ffaec2edd9918d9fba5771ed21da7876a5\n4. https://github.com/Finastra/ssr-pages/commit/98abc59e28fec48246be0d59ac144675d6361073", "creation_timestamp": "2025-04-23T19:05:07.000000Z"}, {"uuid": "279a62fd-1523-48b3-ad05-4577a4c31c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24712", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13111", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24712\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L)\n\ud83d\udd39 Description: CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery (CSRF) protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for this vulnerability, but users will still need to code as these after upgrading to v4.1.9. Otherwise, the CSRF protection may be bypassed. If auto-routing is enabled, check the request method in the controller method before processing. If auto-routing is disabled, either avoid using `$routes->add()` and instead use HTTP verbs in routes; or check the request method in the controller method before processing.\n\ud83d\udccf Published: 2022-02-28T16:00:12.000Z\n\ud83d\udccf Modified: 2025-04-23T19:00:10.052Z\n\ud83d\udd17 References:\n1. https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554\n2. https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst", "creation_timestamp": "2025-04-23T19:05:04.000000Z"}, {"uuid": "14f95bfd-8c85-400c-b0a4-6471c9b60b6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24719", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13117", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24719\n\ud83d\udd25 CVSS Score: 2.6 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using `followRedirects` or `followRedirectsWith` with any of the redirection strategies built into fluture-node 4.0.0 or 4.0.1, paired with a request that includes confidential headers such as Authorization or Cookie, exposes you to a vulnerability where, if the destination server were to redirect the request to a server on a third-party domain, or the same domain over unencrypted HTTP, the headers would be included in the follow-up request and be exposed to the third party, or potential http traffic sniffing. The redirection strategies made available in version 4.0.2 automatically redact confidential headers when a redirect is followed across to another origin. A workaround has been identified by using a custom redirection strategy via the `followRedirectsWith` function. The custom strategy can be based on the new strategies available in fluture-node@4.0.2.\n\ud83d\udccf Published: 2022-03-01T20:20:13.000Z\n\ud83d\udccf Modified: 2025-04-23T18:59:31.760Z\n\ud83d\udd17 References:\n1. https://github.com/fluture-js/fluture-node/security/advisories/GHSA-32x6-qvw6-mxj4\n2. https://github.com/psf/requests/pull/4718\n3. https://github.com/fluture-js/fluture-node/commit/0c99bc511533d48be17dc6bfe641f7d0aeb34d77\n4. https://github.com/fluture-js/fluture-node/commit/125e4474f910c1507f8ec3232848626fbc0f55c4", "creation_timestamp": "2025-04-23T19:05:12.000000Z"}, {"uuid": "87125416-21f9-4ea8-8250-5a6ff6bbc76b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24715", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24715\n\ud83d\udd25 CVSS Score: 8.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration.\n\ud83d\udccf Published: 2022-03-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T18:58:50.966Z\n\ud83d\udd17 References:\n1. https://github.com/Icinga/icingaweb2/security/advisories/GHSA-v9mv-h52f-7g63\n2. https://github.com/Icinga/icingaweb2/commit/a06d915467ca943a4b406eb9587764b8ec34cafb\n3. https://security.gentoo.org/glsa/202208-05\n4. http://packetstormsecurity.com/files/173516/Icinga-Web-2.10-Remote-Code-Execution.html", "creation_timestamp": "2025-04-23T19:05:20.000000Z"}, {"uuid": "9d053e11-db71-4d8f-95c2-6774519b2c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13124", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24716\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.\n\ud83d\udccf Published: 2022-03-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T18:58:45.413Z\n\ud83d\udd17 References:\n1. https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5p3f-rh28-8frw\n2. https://github.com/Icinga/icingaweb2/commit/9931ed799650f5b8d5e1dc58ea3415a4cdc5773d\n3. https://security.gentoo.org/glsa/202208-05\n4. http://packetstormsecurity.com/files/171774/Icinga-Web-2.10-Arbitrary-File-Disclosure.html", "creation_timestamp": "2025-04-23T19:05:21.000000Z"}, {"uuid": "64c52218-8775-4e69-9010-13c40717e327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24713", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13128", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24713\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.\n\ud83d\udccf Published: 2022-03-08T19:00:12.000Z\n\ud83d\udccf Modified: 2025-04-23T18:58:21.068Z\n\ud83d\udd17 References:\n1. https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8\n2. https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e\n3. https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/\n6. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/\n7. https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html\n8. https://www.debian.org/security/2022/dsa-5113\n9. https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html\n10. https://www.debian.org/security/2022/dsa-5118\n11. https://security.gentoo.org/glsa/202208-08\n12. https://security.gentoo.org/glsa/202208-14", "creation_timestamp": "2025-04-23T19:05:28.000000Z"}, {"uuid": "af9c1ad4-6d6d-43c5-b5f9-9f1992f09052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24714", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13129", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24714\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may still have access to a collection of content. Note that this only applies if a role has implicitly permitted access to hosts, due to permitted access to at least one of their services. If access to a host is permitted by other means, no sensible information has been disclosed to unauthorized users. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2.\n\ud83d\udccf Published: 2022-03-08T19:55:09.000Z\n\ud83d\udccf Modified: 2025-04-23T18:56:46.880Z\n\ud83d\udd17 References:\n1. https://github.com/Icinga/icingaweb2/security/advisories/GHSA-qcmg-vr56-x9wf\n2. https://github.com/Icinga/icingaweb2/commit/6e989d05a1568a6733a3d912001251acc51d9293\n3. https://security.gentoo.org/glsa/202208-05", "creation_timestamp": "2025-04-23T19:05:29.000000Z"}, {"uuid": "192c152b-0911-4713-b86c-1f2cb6f90b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2471", "type": "seen", "source": "https://t.me/cibsecurity/49813", "content": "\u203c CVE-2022-2471 \u203c\n\nStack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. This issue affects: EZVIZ CS-CV248 versions prior to 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-15T18:27:31.000000Z"}, {"uuid": "0909c0d1-eb74-4ab9-ae36-3d2a72f39eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24718", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13116", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24718\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)\n\ud83d\udd39 Description: ssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the `svg` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.4.\n\ud83d\udccf Published: 2022-03-01T18:45:13.000Z\n\ud83d\udccf Modified: 2025-04-23T18:59:37.239Z\n\ud83d\udd17 References:\n1. https://github.com/Finastra/ssr-pages/security/advisories/GHSA-w6cx-qg2q-rvq8\n2. https://github.com/Finastra/ssr-pages/pull/1\n3. https://github.com/Finastra/ssr-pages/pull/1/commits/c3e4c563384ae3ba3892f37dd190218577620780", "creation_timestamp": "2025-04-23T19:05:11.000000Z"}, {"uuid": "4a8f2fcb-abe3-47e2-b30e-67a0e01d8a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2612", "content": "CVE-2022-24716:  Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2`.\n\nPoC Icinga Web 2 <2.8.6, <2.9.6, <2.10 https://github.com/JacobEbben/CVE-2022-24716", "creation_timestamp": "2023-03-21T09:01:04.000000Z"}, {"uuid": "9160d7e7-3842-4374-b562-7bb79f78f0d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24719", "type": "seen", "source": "https://t.me/cibsecurity/38285", "content": "\u203c CVE-2022-24719 \u203c\n\nFluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using `followRedirects` or `followRedirectsWith` with any of the redirection strategies built into fluture-node 4.0.0 or 4.0.1, paired with a request that includes confidential headers such as Authorization or Cookie, exposes you to a vulnerability where, if the destination server were to redirect the request to a server on a third-party domain, or the same domain over unencrypted HTTP, the headers would be included in the follow-up request and be exposed to the third party, or potential http traffic sniffing. The redirection strategies made available in version 4.0.2 automatically redact confidential headers when a redirect is followed across to another origin. A workaround has been identified by using a custom redirection strategy via the `followRedirectsWith` function. The custom strategy can be based on the new strategies available in fluture-node@4.0.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-02T00:24:37.000000Z"}, {"uuid": "ed783191-5557-4914-acf5-911e8fe76e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24713", "type": "seen", "source": "https://t.me/cibsecurity/38553", "content": "\u203c CVE-2022-24713 \u203c\n\nregex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-08T22:40:53.000000Z"}, {"uuid": "140b0fe8-f309-4e2d-9d78-cd8efe2aba9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24717", "type": "seen", "source": "https://t.me/cibsecurity/38278", "content": "\u203c CVE-2022-24717 \u203c\n\nssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.5, a cross site scripting (XSS) issue can occur when providing untrusted input to the `redirect.link` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-01T22:23:38.000000Z"}, {"uuid": "c320af33-83c5-4a54-86f2-ec3221a456a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24718", "type": "seen", "source": "https://t.me/cibsecurity/38277", "content": "\u203c CVE-2022-24718 \u203c\n\nssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the `svg` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-01T22:23:36.000000Z"}, {"uuid": "9de6f26f-de4c-421f-b74d-4d8ec8bd7371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24711", "type": "seen", "source": "https://t.me/cibsecurity/38176", "content": "\u203c CVE-2022-24711 \u203c\n\nCodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-28T18:23:19.000000Z"}, {"uuid": "da06ba4d-230d-4026-b8d3-dff6d4576d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "seen", "source": "https://t.me/cibsecurity/38556", "content": "\u203c CVE-2022-24716 \u203c\n\nIcinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-08T22:40:55.000000Z"}, {"uuid": "729c0dad-f8fb-4fb2-8d8d-9de07fe309f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24714", "type": "seen", "source": "https://t.me/cibsecurity/38557", "content": "\u203c CVE-2022-24714 \u203c\n\nIcinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may still have access to a collection of content. Note that this only applies if a role has implicitly permitted access to hosts, due to permitted access to at least one of their services. If access to a host is permitted by other means, no sensible information has been disclosed to unauthorized users. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-08T22:40:56.000000Z"}, {"uuid": "d11f4f3d-4f7e-4ce3-9d10-cb742d6c30da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24715", "type": "seen", "source": "https://t.me/cibsecurity/38554", "content": "\u203c CVE-2022-24715 \u203c\n\nIcinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-08T22:40:54.000000Z"}, {"uuid": "b079e33b-c742-4f1c-a8dc-18481d041de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24710", "type": "seen", "source": "https://t.me/cibsecurity/38139", "content": "\u203c CVE-2022-24710 \u203c\n\nWeblate is a copyleft software web-based continuous localization system. Versions prior to 4.11 do not properly neutralize user input used in user name and language fields. Due to this improper neutralization it is possible to perform cross-site scripting via these fields. The issues were fixed in the 4.11 release. Users unable to upgrade are advised to add their own neutralize logic.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T00:43:27.000000Z"}, {"uuid": "d2e485d1-c65b-4524-806d-039aef4fcb66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24716", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7967", "content": "#exploit\n1. CVE-2022-24715 / CVE-2022-24716:\nAuthenticated RCE / Arbitrary File Disclosure Vulnerability in Icinga Web2 <2.8.6, <2.9.6, <2.10\nhttps://github.com/JacobEbben/CVE-2022-24715\nhttps://github.com/JacobEbben/CVE-2022-24716\n\n2. CVE-2023-27326:\nVM Escape for Parallels Desktop <18.1.1\nhttps://github.com/Impalabs/CVE-2023-27326\n\n3. CVE-2023-23192:\nUserlock Multi-Factor Authentication (MFA) Bypass\nhttps://github.com/pinarsadioglu/CVE-2023-23192", "creation_timestamp": "2023-03-21T11:01:01.000000Z"}, {"uuid": "90433487-f38b-44ac-8bf8-b2b461818185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24715", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7967", "content": "#exploit\n1. CVE-2022-24715 / CVE-2022-24716:\nAuthenticated RCE / Arbitrary File Disclosure Vulnerability in Icinga Web2 <2.8.6, <2.9.6, <2.10\nhttps://github.com/JacobEbben/CVE-2022-24715\nhttps://github.com/JacobEbben/CVE-2022-24716\n\n2. CVE-2023-27326:\nVM Escape for Parallels Desktop <18.1.1\nhttps://github.com/Impalabs/CVE-2023-27326\n\n3. CVE-2023-23192:\nUserlock Multi-Factor Authentication (MFA) Bypass\nhttps://github.com/pinarsadioglu/CVE-2023-23192", "creation_timestamp": "2023-03-21T11:01:01.000000Z"}, {"uuid": "a236a4d9-545a-41ff-b6ca-9e6b52609914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24712", "type": "seen", "source": "https://t.me/cibsecurity/38185", "content": "\u203c CVE-2022-24712 \u203c\n\nCodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery (CSRF) protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for this vulnerability, but users will still need to code as these after upgrading to v4.1.9. Otherwise, the CSRF protection may be bypassed. If auto-routing is enabled, check the request method in the controller method before processing. If auto-routing is disabled, either avoid using `$routes->add()` and instead use HTTP verbs in routes; or check the request method in the controller method before processing.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-28T18:23:32.000000Z"}]}